The term “Digital Cinema” refers generally to the creation and/or distribution of motion pictures in digital form, in contrast to traditional cinema whose content, including the image, sound track and subtitles, exists in an analog form on motion picture film. Digital cinema projection systems now exist and make use of a variety of technical solutions, rather than a single standardized solution embraced by all. Protection against copying remains the major concern of content owners (e.g., the motion picture studios) which has limited wide scale digital cinema deployment. The existence of content in digital form affords the opportunity to make perfect copies of the original content with little effort. For that reason various organizations, such as the Digital Cinema Initiative (“DCI”) and the Society for Motion Picture Engineering (“SMPTE”) have devoted much effort towards establishing specifications for digital cinema content distribution.
The DCI specification defines preferred solutions in many areas, such as encoding, distribution, and security. The SMPTE has sought to refine the DCI specification from a technical and implementation perspective. Within the area of security, key management plays a significant role. Key management refers to the management of the keys utilized to accomplish encryption of the digital content. The term, “encryption”, as used throughout means either encryption or scrambling. Likewise, the term decryption means either decryption or descrambling. At the present time, the DCI and SMPTE specifications provide for key management using device certificates and a Trusted Device List (“TDL”). Each Security Entity (“SE”), that is, each device capable of accessing or manipulating the content, will hold a digital certificate provided by the manufacturer of the device; the certificate can be managed by either the manufacturer or an independent entity. The TDL lists trusted devices, e.g., content-receiving devices, such as digital projectors. More specifically, the TDL lists the respective digital certificate of each device that is trusted to manipulate a particular piece of content. A feature encryption key (“KF”) undergoes transmission from the content owner, or an agent acting upon its behalf such as a distributor, to a Security Module (“SM”) located in a theater authorized to display the content. The SM has the responsibility for making sure that only devices explicitly referenced in the TDL access or learn of the KF.
This scheme has several disadvantages. First, no link necessarily exists between the issuer of the TDL and the issuer of the certificate(s), which introduces a security weakness. Conceivably, an outsider could manage to issue certificates to uncertified devices, and could manage to have such uncertified devices listed in a TDL. Second, the Security Module (SM), which typically resides outside the control of the content rights owner and the exhibitor, serves as the sole entity responsible for ensuring that the feature keys only get distributed to trusted devices. Under such circumstances, a hacker could manipulate the SM in such a way to permit transmission of feature keys to devices outside the TDL. Third, with the SM responsible for the KF management in a theater, a hacker could manipulate the SM to get access to the KF. Since the content resides in digital form, access to KF would allow the hacker to access the content and redistribute it virtually free of losses
Thus, a need exists for a key management process that maintains the feature key confidential to those devices that actually perform decryption of the content.